Security Maintenance

Varun Kumar reddy. Chethi reddy

SAP Security & GRC Consultant

E-Mail: ********@*****.***

Mobile: +91-964******* Chennai

Objective:

To work with an organization in which I contribute my technical skills and experience to enhance my own productivity at the same time achieving the organizational objectives with the attribute of time, quality and discipline.

Higher Qualification:

B.Tech (2005-9) from Vidya Jyothi Institute of Technology Azeez Nagar, Hyderabad with First class having an aggregate of 63%..

Professional Summary:

Experience in SAP Security end-to-end Implementation and building security policies and authorization structures.

Creation of Users and roles/Profiles, Maintained user roles and authorizations.

Creating documentation for authorization structures and laid security policies.

Experience in multiple Security environment like SAP R/3, HR, PORTAL SECURITY

Profiles and Authorizations for various landscapes using Profile Generator(PFCG).

Updating transactions via SU24 ( managing authorization objects)

Locking of transactions using SM01

Creation of Mass users, Password reset in SAP system using LSMW scripts, SU10

Creating customized Tcodes using SE93

Creation of authorization objects using SU21

Analyzing missing authorization checks using SU53.

Expertise in SAP Security and Authorizations which includes User Management, User Administration, Monitoring, User Tracing (ST01)

Analyzing users and roles using SUIM tool

Good Knowledge on Internal Auditing and Compliance controls.

Configured Firefighter tool based on business needs in R3.

Good knowledge of Transport Management across various systems.

Good Knowledge on usage of GRC tools: ARA (RAR).ARM (CUP)and EAM(SPM),BRM(ERM).

Having configuration experience in AccessRequest Management tool for SOD Analysis such as User level, Role level, Authorization object level and HR-Object level etc.,

Knowledge on HR Security, Creation of Intofypes, Maintain of positions, creation of PD Profiles, Direct assignment and also indirect assignment by assigning roles based on positions for users in PO13.

Worked on ticketing tool to resolve the issues & problems in different kinds of Sap Security modules.

Professional Experience:

Experience: 4+ Years.

Currently working as Consultant (SAP Security & GRC Consultant) in AstraZeneca for payroll company Generalatronics from June 17 2011 - Present date.

Technical Summary:

Operating Systems

Windows 2003,2000 Server, Linux

Database

Oracle 9i, 10g

SAP Modules

SAP R/3, HR, PORTAL SECURITY

GRC AC 10.1 TOOL

ARA, ARM, BRM, EAM

GRC AC 5.3 TOOL

RAR, CUP, ERM, SPM

SAP R/3 & ECC Security

Managing the user Admin functions in SU01. This includes creation of users, assignment Roles, Locking/unlocking, and password generation/reset, User Deletion in ECC and BI System.

Role Design and Development which includes role creation, change, maintenance, and deletion using Profile Generator PFCG

Analyzed and troubleshoot the security issues using ST01, SU53, SUIM, SE93, S_TCODE, S_TABU_*, S_DEVELOP etc.

Solving ticket issues in Security related tables (Ex AGR_1251, AGR_1252, AGR_AGRS, AGR_TCODES, AGR_USERS and USR* etc.) and reports

Role administration of Single, Derived and Composite Roles.(PFCG).

Worked on Role Transport in same system and also in different systems.

Various activities like user creation, derive role creation, updating org values, Mass role deletion etc.

Released the Task & TR from Dev. to Quality system and co-ordinate with Release/Basis team to move the TR from QA to Production system.

Created Authorization group and maintained the authorization group for the table using SM30.

Created User group by using transaction code SUGR.

Maintenance and the assignment of Authorization Objects for transactions SU24.

Worked on SU10 to perform mass operations.

Analyzed the missing authorization in SU53 & ST01 and provide the correct role to user through SUIM.

Mass User Lock/Unlock for cutover activity through SU10 during release and system refresh.

Making user administration easier by using User Groups.

Maintenance of authorization objects for transactions.

Experienced extensively in User Information System.

Creation of authorization groups as per the business requirement

Configured Audit logs by using SM19, and collecting Audit Logs by using SM20.

HR:

Good Knowledge on HR Security,

Worked on HR Master data Maintenance PA30 and Hiring Process PA40

Creation of PD Profiles, Direct assignment and indirect assignment by assigning roles based on positions for users in PO13.

Good knowledge on 105 info type, mapping user ID to HR Master Records.

Worked on ticketing tool to resolve the issues & problems in different kinds of Sap Security modules.

Infofypes creation and Positions Maintenances,

GRC 5.3/ GRC 10

End to end implementation of ARM, ARA, BRM and EAM modules of GRC Access Control 10.1.

Implementation of RAR,CUP ERM,SPM modules of GRC Access Control 5.3

Hands-on working experience on GRC tools Risk Analysis and Remediation.

Creating monitors, approvers, business units,Mitigation controls in GRC CC.

Experience on Approving FF and performing Log Review for the FF ids

Perform User & Role analysis to find the existing SOD violation for users and roles.

Generating Fire Fighter log report for various FF ids and providing them to the FF id owners.

Creating GRC CUP requests to providing emergency access (Firefighter Ids) based on requirement.

Activation of BC Sets for Workflow, ARA, EAM, ARM, & BRM.

Maintenance of Connectors to Connection Type

Maintenance of Rule Set, Function ID & Risk ID with Risk Owners and generated rules for the Risk ID,

Configuration of Parameters for EAM, Mapping of Owners, Controller and FF Ids etc.

Audit related work:

Worked on Sensitive Role Audit for production systems.

Worked with Internal and External Auditors in creation of User and Role Mitigations and uploaded them.

Worked with Risk and Control team to cleanup sensitive t-code access for 15,000 users

Project Details #1:

Client

Astrazeneca

Role

SAP Security & Design

Environment

ECC 6.0, SAP Netweaver, Enterprise Portal & BW, BizRights

Client Summary: Astrazeneca is a British-Swedish multinational pharmaceutical and biologics company headquartered in London, United Kingdom. It is the world's fifth-largest pharmaceutical company and has operations in over 100 countries. AstraZeneca has a portfolio of products for major disease areas including cancer, cardiovascular,gastrointestinal, infection, neuroscience, repository and inflammation. AstraZeneca has a primary listing on the London Stock Exchange and is a constituent of the FTSE 100 index.

Roles and Responsibilities:

SAP Global security and authorization support for share service, development and design.

Addition, Removal of Transaction Codes, authorizations, authorization objects by modifying existing roles based upon change request.

Develop security roles for project team in different IS* and functional areas.

implementation(design/development and testing to production moment)

Extensively used mass user creation using (SU10) for mass user creation and addition of similar roles to mass users.

Review and request any SU53 auth check report from the SAP Teams for validation of errors.

Upload of Roles in Enterprise Portal and mapping to ECC System backend.

Perform system trace (ST01/STAUTHTRACE) for authorization issues when it makes sense to do so to resolve auth issues and Auth group issues.

Mapping of tables and Auth group in SE54.

Z transaction Authority check .

Maintain security administration for all business day to day operations, project initiatives, enhancements, and system upgrades (SAP R/3 4.6C to ECC 6.0 EHP 4 and EHP 4to EHP 7)

Functional testing support extensive testing in development and quality systems before moving the roles to production through FUSION,HPQC and Panaya.

Working with tables like AGR*, USR*,USH *, USOBX_C and USOBT_C.

Extensively use User Information System(SUIM) to find and generate the reports

Creation /maintenance of UME roles using User management in SAP EP.

Creation of BW roles and assigning them to the user.

Analyzing authorization issues in BW.

Resolving both End users and power user’s authorization problems.

Created roles for Managers and administrators in Solman for Solution Monitoring.

Co-ordinate comprehensive testing of all profiles and authorizations to ensure accuracy and segregation of duties.

Complete maintenance of BizRights/Approva One application.

Make changes to the RuleBooks as per the SoD violations

Schedule Extract and analysis to extract the data from SAP and to analyze it.

Make use of reports and analyze the SoD violations.

Utilize User management and role management to provide access to users.

Utilize Export/Import functionality to transport the changes from one system to other in portal.

Use what if analysis to check if there are any violations by amending the role in SAP.

Troubleshoot any Applications issues by looking into the logs and server maintenance.

Project Details #2:

Client Canada Pacific Railways (March 2012 – Feb 2013)

Role: SAP Security Consultant

Client summary: The Canadian Pacific Railway is a historic Canadian Classic Rail carrier founded in 1881 and now operated by Canadian Pacific Railway Limited . The railway was originally built between Eastern Canada and British Colombia between 1881 and 1885.The CP became one of the largest and most powerful companies in Canada, a position it held as late as 1975.[2] Its primary passenger services were eliminated in 1986, after being assumed by VIA rail Canada in 1978. A beaver was chosen as the railway's logo because it is the national symbol of Canada and was seen as representing the hardworking character of the company.

Job Responsibility: Team member of SAP Basis and Security Team.

Key Responsibilities:

• System performance monitoring which mainly includes analyzing workload on different work processes, buffers, operating system and database deadlocks.

• Daily system health check which includes monitoring day-to-day activities viz. system logs, system performance, ABAP/4 dump analysis, lock entries, background jobs monitoring, system messages, and backup logs.

Handling background jobs.

Checking space statistics for each Table Space, identifying rapidly growing objects.

Creating and modifying users.

Extensively using the T-codes SU01, SU10 for creating and modifying users.

Creating and modifying roles.

Extensively using the T-code PFCG.

Modifying roles by Expert Mode of profile generation and adding the data by converting it into changed and manual modes.

Preparing monitoring sheets and customizing those sheets which includes analyzing monitoring data and setting threshold values.

Achievements and Extra-curricular activities:

Secured First Position in Crrescendo’08 event in National Institute of Technology Karnataka, Surathkal

Was Executive Member of Crrescendo’09 and Incident’10 event in National Institute of Technology Karnataka, Surathkal

Personal Details:

Father’s Name : Ch.Bhoopal Reddy

Languages Known : English, Hindi

Marital Status : Married

Gender : Male

Nationality : Indian

Hobbies : Cricket, Carrom, Music

Strength : Adaptive, flexible and Team Player

Place: Chennai

Date: Varun Kumar reddy

Contact this candidate